Sherman's Security Blog
I am Sherman Hand. (also known as Policysup) I have created this blog and will use a part of my day to write about what is going on in the world. I hope to discuss things in a down to earth and practical way. I hope to hear back from you on your thoughts. I do not in any way intend to speak for my employer. The content of this blog will be either opinions that are strictly mine, general observations,re posts, or information that is already in the public domain.

Up to 100 legal, IT, cyber security and privacy professionals have committed to give a day to help charities in all aspects of information security and data privacy.

Charities including Great Ormond Street Hospital, Future First and Cancer Research have signed up to the non-profit GiveADay scheme prior to its official launch on 9 October 2014.

The launch will include introductory sessions on best practice in information security and data protection at IP Expo Europe in London.

According to GiveADay, UK charities hold personal and sensitive information on three in four people.

Although charities face the same challenges and obligations to protect that information as many commercial organisations, they typically lack the same level of budget, resources and expertise.

The GiveADay campaign to help redress this imbalance is supported by the Security4Charity.com platform that enables professionals to donate their time to help charities with their cyber security issues.

GiveADay will then match an appropriately skilled and available professional with a charity, based on that organisation’s specific requirements.

Volunteers who have signed up so far include Andrzej Kawalec, CTO of HP, who joins the GiveADay advisory board.

Other advisory board members include Edward Tucker, head of cyber security at HM Revenue & Customs; Brian Honan of BH Consulting; and Neira Jones, an independent security advisor.

Media consultants Jim Shields from Twist&Shout and Neil Stinchecombe from Eskenzi PR are also on the advisory board and have committed support and sponsorship to the campaign.

“Charities are in a particularly vulnerable position – they hold a lot of sensitive data on both their service users and their donors,” said Amar Singh, GiveADay co-founder and privacy and security executive.

“In addition, they are still subject to the same fines from the ICO [Information Commissioner’s Office] as any other company, and are subject to far more rigorous requirements to report a breach.

“We want to support charities to protect the vast quantities of sensitive data they hold with professional advice and training,” said Singh.

Ian Chivers, director of finance and operations for the Great Ormond Street Hospital Children’s Charity, said information security has always been, and continues to be, a big focus.

“The GiveADay movement sounds like a great way to achieve greater focus across the sector and collectively pool our knowledge and experience.” he said.

“Our members – service users and supporters alike – trust us with a lot of their personal data. Protecting their private information is of utmost importance to us and we are delighted that the UK’s best talent are willing to help us with this, via the GiveADay movement,” said Chivers.

Martyn Croft and Brian Shorten, co-founders of the Charities Security Forum (CSF), have welcomed this new initiative to bring information security professionals and charities closer together.

“The Charities Security Forum was founded in 2007 to recognise and support the individuals who carry the responsibility for information security in the third sector,” said Croft.

“For GiveADay to facilitate easy access to freely given expertise in this way is a fantastic opportunity for all charities to further enhance the information security so essential in their work,” he said.